class Admin::BaseController < ApplicationController
  layout "admin"
  
  protected
    def authorize
      user = User.find_by_id session[:user_id]
      unless user && authorize_with_right(user)
        session[:original_uri] = request.request_uri
        flash[:notice] = "Veuillez vous authentifier, droit insuffisant"
        redirect_to :login
      end
    end
    
    def authorize_with_right(user)
      Rule.can_view_admin?(user)
    end
end